October marks the 14th year since the Department of Homeland Security created National Cyber Security Awareness Month (NCASM). Each year, security experts and organizations work hard to address cybersecurity issues and trends in types of attacks. Despite this, cybercrimes are on the rise, specifically attacks against small and medium-sized businesses.
The Smaller the Better
The news may publicize the issue of hackers and data breaches in large companies, but 58% of cyber-attack victims are small businesses, according to Verizon 2018 Data Breach Investigation Report. The report also states that a quarter of these attacks are caused by people inside organizations, though it is not clarified if these attacks are intentional or not. Cyber-attacks on small and medium-sized companies can cost more than 2 million dollars in damaged IT assets and operational downtime. Small businesses are often targeted because they tend to lack security resources of larger companies, even though the criminals might not be able to extort them for as much money.
The Rise in New and Improved Malware Tactics
As IT professionals work to address the common gaps in cybersecurity, criminals work to develop new and more creative ways to access your private information. Fileless attacks, for example, are 10x more successful and much harder to trace than methods such as ransomware and are increasing in number as a response to stronger security measures against former tactics. Criminals utilizing fileless techniques do not require software or files, they simply hijack current software that is often already built into Windows like Adobe Flash. They will begin when an unsuspecting employee clicks on a suspicious link, often sent through emails, and through there the hackers will take control and make the computer turn against itself.
Everyone is At Risk
This year alone, several major companies experienced data breaches that cost over 300 million dollars. These data breaches should have been prevented through employee education and stricter cybersecurity methods.
The Latest Answer
There is no one way to prevent cyberattacks, instead, experts recommends utilizing several locks and measures to avoid being attacked. For example, moving your information to the cloud might seem like the safe solution to secure your network, but if the best cyber security practices are not implemented with the technology, cybercriminals can still be a threat. Promptly updating and patching applications and operating systems, changing your passwords often, and continual training of your staff are all just as valuable to the security of your data as your monitoring tools and backups.
The Good News
Small and medium-sized businesses have an advantage when dealing with some of the issues of cybersecurity, awareness being one. A smaller company can better inform team members of problems to look out for, and prevention methods are easier to enforce. A small company can also benefit from outsourcing security and backup data solutions to IT specialists for much less than a large company or building a security team in-house.
Over the next few weeks, we will dive into the topic of cyber security and prevention methods to protect your business information. We will go into topics such as security training and awareness, simulated phishing campaigns, monitoring tools, unified threat management, endpoint protection, and backups and disaster recovery solutions.